summary refs log tree commit diff
diff options
context:
space:
mode:
authorMarius Bakke <marius@gnu.org>2020-11-25 23:07:29 +0100
committerMarius Bakke <marius@gnu.org>2020-11-25 23:24:52 +0100
commitd64e0261d0007413a795c4cf01f9d06b170da3f5 (patch)
tree4e25a79195836f182feedffd6ecaa8f228df2714
parentcbcd520e1a71d75513a1c47d046142b2ff33ad56 (diff)
downloadguix-d64e0261d0007413a795c4cf01f9d06b170da3f5.tar.gz
etc: Add more SELinux permissions for the daemon.
This is needed for some package test suites.

* etc/guix-daemon.cil.in (guix_daemon): Permit unix_dgram_socket operations.
-rw-r--r--etc/guix-daemon.cil.in3
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/guix-daemon.cil.in b/etc/guix-daemon.cil.in
index 91958b7617..0d7945843e 100644
--- a/etc/guix-daemon.cil.in
+++ b/etc/guix-daemon.cil.in
@@ -372,6 +372,9 @@
   (allow guix_daemon_t
          self
          (unix_stream_socket (connectto)))
+  (allow guix_daemon_t
+         self
+         (unix_dgram_socket (create bind connect sendto read write)))
 
   (allow guix_daemon_t
          node_t